[Pkg-drupal-commits] r1921 - in /branches/drupal-5.0: ./ debian/ includes/ misc/ modules/aggregator/ modules/block/ modules/blog/ modules/blogapi/ modules/book/ modules/color/ modules/comment/ modules/contact/ modules/drupal/ modules/filter/ modules/forum/ modules/help/ modules/legacy/ modules/locale/ modules/menu/ modules/node/ modules/path/ modules/ping/ modules/poll/ modules/profile/ modules/search/ modules/statistics/ modules/system/ modules/taxonomy/ modules/throttle/ modules/tracker/ modules/upload/ modules/user/ modules/watchdog/ themes/engines/phptemplate/
luigi at users.alioth.debian.org
luigi at users.alioth.debian.org
Thu Aug 14 23:39:21 UTC 2008
Author: luigi
Date: Thu Aug 14 23:39:21 2008
New Revision: 1921
URL: http://svn.debian.org/wsvn/pkg-drupal/?sc=1&rev=1921
Log:
New upstream release, Fixes several XSS vulnerabilities (Ref: SA-2008-047)(Closes: #495122)
Added:
branches/drupal-5.0/modules/blogapi/blogapi.install
- copied unchanged from r1918, branches/upstream/current-5/modules/blogapi/blogapi.install
Modified:
branches/drupal-5.0/CHANGELOG.txt
branches/drupal-5.0/debian/changelog
branches/drupal-5.0/includes/file.inc
branches/drupal-5.0/includes/form.inc
branches/drupal-5.0/includes/xmlrpc.inc
branches/drupal-5.0/misc/drupal.js
branches/drupal-5.0/modules/aggregator/aggregator.info
branches/drupal-5.0/modules/block/block.info
branches/drupal-5.0/modules/blog/blog.info
branches/drupal-5.0/modules/blogapi/blogapi.info
branches/drupal-5.0/modules/blogapi/blogapi.module
branches/drupal-5.0/modules/book/book.info
branches/drupal-5.0/modules/color/color.info
branches/drupal-5.0/modules/comment/comment.info
branches/drupal-5.0/modules/contact/contact.info
branches/drupal-5.0/modules/drupal/drupal.info
branches/drupal-5.0/modules/filter/filter.info
branches/drupal-5.0/modules/filter/filter.module
branches/drupal-5.0/modules/forum/forum.info
branches/drupal-5.0/modules/help/help.info
branches/drupal-5.0/modules/legacy/legacy.info
branches/drupal-5.0/modules/locale/locale.info
branches/drupal-5.0/modules/menu/menu.info
branches/drupal-5.0/modules/node/node.info
branches/drupal-5.0/modules/path/path.info
branches/drupal-5.0/modules/ping/ping.info
branches/drupal-5.0/modules/poll/poll.info
branches/drupal-5.0/modules/profile/profile.info
branches/drupal-5.0/modules/search/search.info
branches/drupal-5.0/modules/statistics/statistics.info
branches/drupal-5.0/modules/system/system.info
branches/drupal-5.0/modules/system/system.module
branches/drupal-5.0/modules/taxonomy/taxonomy.info
branches/drupal-5.0/modules/throttle/throttle.info
branches/drupal-5.0/modules/tracker/tracker.info
branches/drupal-5.0/modules/upload/upload.info
branches/drupal-5.0/modules/user/user.info
branches/drupal-5.0/modules/user/user.module
branches/drupal-5.0/modules/watchdog/watchdog.info
branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine
Modified: branches/drupal-5.0/CHANGELOG.txt
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/CHANGELOG.txt?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/CHANGELOG.txt (original)
+++ branches/drupal-5.0/CHANGELOG.txt Thu Aug 14 23:39:21 2008
@@ -1,4 +1,10 @@
-// $Id: CHANGELOG.txt,v 1.173.2.23 2008/07/23 19:52:50 drumm Exp $
+// $Id: CHANGELOG.txt,v 1.173.2.25 2008/08/13 23:59:09 drumm Exp $
+
+Drupal 5.10, 2008-08-13
+-----------------------
+- fixed a variety of small bugs.
+- fixed security issues, (Cross site scripting, Arbitrary file uploads via
+ BlogAPI and Cross site request forgery), see SA-2008-047
Drupal 5.9, 2008-07-23
----------------------
@@ -8,7 +14,8 @@
Drupal 5.8, 2008-07-09
----------------------
- fixed a variety of small bugs.
-- fixed security issues, (Cross site scripting, cross site request forgery, and session fixation), see SA-2008-044
+- fixed security issues, (Cross site scripting, cross site request forgery, and
+ session fixation), see SA-2008-044
Drupal 5.7, 2008-01-28
----------------------
Modified: branches/drupal-5.0/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/debian/changelog?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/debian/changelog (original)
+++ branches/drupal-5.0/debian/changelog Thu Aug 14 23:39:21 2008
@@ -1,8 +1,17 @@
+drupal5 (5.10-1) UNRELEASED; urgency=low
+
+ * (NOT RELEASED YET)
+
+ [ Luigi Gangitano ]
+ * New upstream release
+ - Fixes several XSS vulnerabilities (Ref: SA-2008-047)(Closes: #495122)
+
+ -- Luigi Gangitano <luigi at debian.org> Fri, 15 Aug 2008 01:35:50 +0200
+
drupal5 (5.9-1) unstable; urgency=high
[ Luigi Gangitano ]
* Urgency high due to security fixes
-
* New upstream release
- Fixes Security Fixation vulnerability that was not completely addressed
Modified: branches/drupal-5.0/includes/file.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/file.inc?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/includes/file.inc (original)
+++ branches/drupal-5.0/includes/file.inc Thu Aug 14 23:39:21 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: file.inc,v 1.90.2.4 2008/02/11 05:45:48 drumm Exp $
+// $Id: file.inc,v 1.90.2.5 2008/08/13 23:59:09 drumm Exp $
/**
* @file
@@ -227,7 +227,7 @@
// requires an absolute path, so we use realpath().
$file->filepath = tempnam(realpath(file_directory_temp()), 'tmp_');
- $file->filemime = $_FILES["files"]["type"][$source];
+ $file->filemime = file_get_mimetype($file->filename);
// Rename potentially executable files, to help prevent exploits.
if (preg_match('/\.(php|pl|py|cgi|asp|js)$/i', $file->filename) && (substr($file->filename, -4) != '.txt')) {
@@ -733,3 +733,375 @@
}
return $max_size;
}
+
+/**
+ * Determine an Internet Media Type, or MIME type from a filename.
+ *
+ * @param $filename
+ * Name of the file, including extension.
+ * @param $mapping
+ * An optional array of extension to media type mappings in the form
+ * 'extension1|extension2|...' => 'type'.
+ *
+ * @return
+ * The internet media type registered for the extension or application/octet-stream for unknown extensions.
+ */
+function file_get_mimetype($filename, $mapping = NULL) {
+ if (!is_array($mapping)) {
+ $mapping = variable_get('mime_extension_mapping', array(
+ 'ez' => 'application/andrew-inset',
+ 'atom' => 'application/atom',
+ 'atomcat' => 'application/atomcat+xml',
+ 'atomsrv' => 'application/atomserv+xml',
+ 'cap|pcap' => 'application/cap',
+ 'cu' => 'application/cu-seeme',
+ 'tsp' => 'application/dsptype',
+ 'spl' => 'application/x-futuresplash',
+ 'hta' => 'application/hta',
+ 'jar' => 'application/java-archive',
+ 'ser' => 'application/java-serialized-object',
+ 'class' => 'application/java-vm',
+ 'hqx' => 'application/mac-binhex40',
+ 'cpt' => 'image/x-corelphotopaint',
+ 'nb' => 'application/mathematica',
+ 'mdb' => 'application/msaccess',
+ 'doc|dot' => 'application/msword',
+ 'bin' => 'application/octet-stream',
+ 'oda' => 'application/oda',
+ 'ogg|ogx' => 'application/ogg',
+ 'pdf' => 'application/pdf',
+ 'key' => 'application/pgp-keys',
+ 'pgp' => 'application/pgp-signature',
+ 'prf' => 'application/pics-rules',
+ 'ps|ai|eps' => 'application/postscript',
+ 'rar' => 'application/rar',
+ 'rdf' => 'application/rdf+xml',
+ 'rss' => 'application/rss+xml',
+ 'rtf' => 'application/rtf',
+ 'smi|smil' => 'application/smil',
+ 'wpd' => 'application/wordperfect',
+ 'wp5' => 'application/wordperfect5.1',
+ 'xhtml|xht' => 'application/xhtml+xml',
+ 'xml|xsl' => 'application/xml',
+ 'zip' => 'application/zip',
+ 'cdy' => 'application/vnd.cinderella',
+ 'kml' => 'application/vnd.google-earth.kml+xml',
+ 'kmz' => 'application/vnd.google-earth.kmz',
+ 'xul' => 'application/vnd.mozilla.xul+xml',
+ 'xls|xlb|xlt' => 'application/vnd.ms-excel',
+ 'cat' => 'application/vnd.ms-pki.seccat',
+ 'stl' => 'application/vnd.ms-pki.stl',
+ 'ppt|pps' => 'application/vnd.ms-powerpoint',
+ 'odc' => 'application/vnd.oasis.opendocument.chart',
+ 'odb' => 'application/vnd.oasis.opendocument.database',
+ 'odf' => 'application/vnd.oasis.opendocument.formula',
+ 'odg' => 'application/vnd.oasis.opendocument.graphics',
+ 'otg' => 'application/vnd.oasis.opendocument.graphics-template',
+ 'odi' => 'application/vnd.oasis.opendocument.image',
+ 'odp' => 'application/vnd.oasis.opendocument.presentation',
+ 'otp' => 'application/vnd.oasis.opendocument.presentation-template',
+ 'ods' => 'application/vnd.oasis.opendocument.spreadsheet',
+ 'ots' => 'application/vnd.oasis.opendocument.spreadsheet-template',
+ 'odt' => 'application/vnd.oasis.opendocument.text',
+ 'odm' => 'application/vnd.oasis.opendocument.text-master',
+ 'ott' => 'application/vnd.oasis.opendocument.text-template',
+ 'oth' => 'application/vnd.oasis.opendocument.text-web',
+ 'docm' => 'application/vnd.ms-word.document.macroEnabled.12',
+ 'docx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+ 'dotm' => 'application/vnd.ms-word.template.macroEnabled.12',
+ 'dotx' => 'application/vnd.openxmlformats-officedocument.wordprocessingml.template',
+ 'potm' => 'application/vnd.ms-powerpoint.template.macroEnabled.12',
+ 'potx' => 'application/vnd.openxmlformats-officedocument.presentationml.template',
+ 'ppam' => 'application/vnd.ms-powerpoint.addin.macroEnabled.12',
+ 'ppsm' => 'application/vnd.ms-powerpoint.slideshow.macroEnabled.12',
+ 'ppsx' => 'application/vnd.openxmlformats-officedocument.presentationml.slideshow',
+ 'pptm' => 'application/vnd.ms-powerpoint.presentation.macroEnabled.12',
+ 'pptx' => 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
+ 'xlam' => 'application/vnd.ms-excel.addin.macroEnabled.12',
+ 'xlsb' => 'application/vnd.ms-excel.sheet.binary.macroEnabled.12',
+ 'xlsm' => 'application/vnd.ms-excel.sheet.macroEnabled.12',
+ 'xlsx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+ 'xltm' => 'application/vnd.ms-excel.template.macroEnabled.12',
+ 'xltx' => 'application/vnd.openxmlformats-officedocument.spreadsheetml.template',
+ 'cod' => 'application/vnd.rim.cod',
+ 'mmf' => 'application/vnd.smaf',
+ 'sdc' => 'application/vnd.stardivision.calc',
+ 'sds' => 'application/vnd.stardivision.chart',
+ 'sda' => 'application/vnd.stardivision.draw',
+ 'sdd' => 'application/vnd.stardivision.impress',
+ 'sdf' => 'application/vnd.stardivision.math',
+ 'sdw' => 'application/vnd.stardivision.writer',
+ 'sgl' => 'application/vnd.stardivision.writer-global',
+ 'sxc' => 'application/vnd.sun.xml.calc',
+ 'stc' => 'application/vnd.sun.xml.calc.template',
+ 'sxd' => 'application/vnd.sun.xml.draw',
+ 'std' => 'application/vnd.sun.xml.draw.template',
+ 'sxi' => 'application/vnd.sun.xml.impress',
+ 'sti' => 'application/vnd.sun.xml.impress.template',
+ 'sxm' => 'application/vnd.sun.xml.math',
+ 'sxw' => 'application/vnd.sun.xml.writer',
+ 'sxg' => 'application/vnd.sun.xml.writer.global',
+ 'stw' => 'application/vnd.sun.xml.writer.template',
+ 'sis' => 'application/vnd.symbian.install',
+ 'vsd' => 'application/vnd.visio',
+ 'wbxml' => 'application/vnd.wap.wbxml',
+ 'wmlc' => 'application/vnd.wap.wmlc',
+ 'wmlsc' => 'application/vnd.wap.wmlscriptc',
+ 'wk' => 'application/x-123',
+ '7z' => 'application/x-7z-compressed',
+ 'abw' => 'application/x-abiword',
+ 'dmg' => 'application/x-apple-diskimage',
+ 'bcpio' => 'application/x-bcpio',
+ 'torrent' => 'application/x-bittorrent',
+ 'cab' => 'application/x-cab',
+ 'cbr' => 'application/x-cbr',
+ 'cbz' => 'application/x-cbz',
+ 'cdf' => 'application/x-cdf',
+ 'vcd' => 'application/x-cdlink',
+ 'pgn' => 'application/x-chess-pgn',
+ 'cpio' => 'application/x-cpio',
+ 'csh' => 'text/x-csh',
+ 'deb|udeb' => 'application/x-debian-package',
+ 'dcr|dir|dxr' => 'application/x-director',
+ 'dms' => 'application/x-dms',
+ 'wad' => 'application/x-doom',
+ 'dvi' => 'application/x-dvi',
+ 'rhtml' => 'application/x-httpd-eruby',
+ 'flac' => 'application/x-flac',
+ 'pfa|pfb|gsf|pcf|pcf.Z' => 'application/x-font',
+ 'mm' => 'application/x-freemind',
+ 'gnumeric' => 'application/x-gnumeric',
+ 'sgf' => 'application/x-go-sgf',
+ 'gcf' => 'application/x-graphing-calculator',
+ 'gtar|tgz|taz' => 'application/x-gtar',
+ 'hdf' => 'application/x-hdf',
+ 'phtml|pht|php' => 'application/x-httpd-php',
+ 'phps' => 'application/x-httpd-php-source',
+ 'php3' => 'application/x-httpd-php3',
+ 'php3p' => 'application/x-httpd-php3-preprocessed',
+ 'php4' => 'application/x-httpd-php4',
+ 'ica' => 'application/x-ica',
+ 'ins|isp' => 'application/x-internet-signup',
+ 'iii' => 'application/x-iphone',
+ 'iso' => 'application/x-iso9660-image',
+ 'jnlp' => 'application/x-java-jnlp-file',
+ 'js' => 'application/x-javascript',
+ 'jmz' => 'application/x-jmol',
+ 'chrt' => 'application/x-kchart',
+ 'kil' => 'application/x-killustrator',
+ 'skp|skd|skt|skm' => 'application/x-koan',
+ 'kpr|kpt' => 'application/x-kpresenter',
+ 'ksp' => 'application/x-kspread',
+ 'kwd|kwt' => 'application/x-kword',
+ 'latex' => 'application/x-latex',
+ 'lha' => 'application/x-lha',
+ 'lyx' => 'application/x-lyx',
+ 'lzh' => 'application/x-lzh',
+ 'lzx' => 'application/x-lzx',
+ 'frm|maker|frame|fm|fb|book|fbdoc' => 'application/x-maker',
+ 'mif' => 'application/x-mif',
+ 'wmd' => 'application/x-ms-wmd',
+ 'wmz' => 'application/x-ms-wmz',
+ 'com|exe|bat|dll' => 'application/x-msdos-program',
+ 'msi' => 'application/x-msi',
+ 'nc' => 'application/x-netcdf',
+ 'pac' => 'application/x-ns-proxy-autoconfig',
+ 'nwc' => 'application/x-nwc',
+ 'o' => 'application/x-object',
+ 'oza' => 'application/x-oz-application',
+ 'p7r' => 'application/x-pkcs7-certreqresp',
+ 'crl' => 'application/x-pkcs7-crl',
+ 'pyc|pyo' => 'application/x-python-code',
+ 'qtl' => 'application/x-quicktimeplayer',
+ 'rpm' => 'application/x-redhat-package-manager',
+ 'sh' => 'text/x-sh',
+ 'shar' => 'application/x-shar',
+ 'swf|swfl' => 'application/x-shockwave-flash',
+ 'sit|sitx' => 'application/x-stuffit',
+ 'sv4cpio' => 'application/x-sv4cpio',
+ 'sv4crc' => 'application/x-sv4crc',
+ 'tar' => 'application/x-tar',
+ 'tcl' => 'application/x-tcl',
+ 'gf' => 'application/x-tex-gf',
+ 'pk' => 'application/x-tex-pk',
+ 'texinfo|texi' => 'application/x-texinfo',
+ '~|%|bak|old|sik' => 'application/x-trash',
+ 't|tr|roff' => 'application/x-troff',
+ 'man' => 'application/x-troff-man',
+ 'me' => 'application/x-troff-me',
+ 'ms' => 'application/x-troff-ms',
+ 'ustar' => 'application/x-ustar',
+ 'src' => 'application/x-wais-source',
+ 'wz' => 'application/x-wingz',
+ 'crt' => 'application/x-x509-ca-cert',
+ 'xcf' => 'application/x-xcf',
+ 'fig' => 'application/x-xfig',
+ 'xpi' => 'application/x-xpinstall',
+ 'au|snd' => 'audio/basic',
+ 'mid|midi|kar' => 'audio/midi',
+ 'mpga|mpega|mp2|mp3|m4a' => 'audio/mpeg',
+ 'm3u' => 'audio/x-mpegurl',
+ 'oga|spx' => 'audio/ogg',
+ 'sid' => 'audio/prs.sid',
+ 'aif|aiff|aifc' => 'audio/x-aiff',
+ 'gsm' => 'audio/x-gsm',
+ 'wma' => 'audio/x-ms-wma',
+ 'wax' => 'audio/x-ms-wax',
+ 'ra|rm|ram' => 'audio/x-pn-realaudio',
+ 'ra' => 'audio/x-realaudio',
+ 'pls' => 'audio/x-scpls',
+ 'sd2' => 'audio/x-sd2',
+ 'wav' => 'audio/x-wav',
+ 'alc' => 'chemical/x-alchemy',
+ 'cac|cache' => 'chemical/x-cache',
+ 'csf' => 'chemical/x-cache-csf',
+ 'cbin|cascii|ctab' => 'chemical/x-cactvs-binary',
+ 'cdx' => 'chemical/x-cdx',
+ 'cer' => 'chemical/x-cerius',
+ 'c3d' => 'chemical/x-chem3d',
+ 'chm' => 'chemical/x-chemdraw',
+ 'cif' => 'chemical/x-cif',
+ 'cmdf' => 'chemical/x-cmdf',
+ 'cml' => 'chemical/x-cml',
+ 'cpa' => 'chemical/x-compass',
+ 'bsd' => 'chemical/x-crossfire',
+ 'csml|csm' => 'chemical/x-csml',
+ 'ctx' => 'chemical/x-ctx',
+ 'cxf|cef' => 'chemical/x-cxf',
+ 'emb|embl' => 'chemical/x-embl-dl-nucleotide',
+ 'spc' => 'chemical/x-galactic-spc',
+ 'inp|gam|gamin' => 'chemical/x-gamess-input',
+ 'fch|fchk' => 'chemical/x-gaussian-checkpoint',
+ 'cub' => 'chemical/x-gaussian-cube',
+ 'gau|gjc|gjf' => 'chemical/x-gaussian-input',
+ 'gal' => 'chemical/x-gaussian-log',
+ 'gcg' => 'chemical/x-gcg8-sequence',
+ 'gen' => 'chemical/x-genbank',
+ 'hin' => 'chemical/x-hin',
+ 'istr|ist' => 'chemical/x-isostar',
+ 'jdx|dx' => 'chemical/x-jcamp-dx',
+ 'kin' => 'chemical/x-kinemage',
+ 'mcm' => 'chemical/x-macmolecule',
+ 'mmd|mmod' => 'chemical/x-macromodel-input',
+ 'mol' => 'chemical/x-mdl-molfile',
+ 'rd' => 'chemical/x-mdl-rdfile',
+ 'rxn' => 'chemical/x-mdl-rxnfile',
+ 'sd|sdf' => 'chemical/x-mdl-sdfile',
+ 'tgf' => 'chemical/x-mdl-tgf',
+ 'mcif' => 'chemical/x-mmcif',
+ 'mol2' => 'chemical/x-mol2',
+ 'b' => 'chemical/x-molconn-Z',
+ 'gpt' => 'chemical/x-mopac-graph',
+ 'mop|mopcrt|mpc|dat|zmt' => 'chemical/x-mopac-input',
+ 'moo' => 'chemical/x-mopac-out',
+ 'mvb' => 'chemical/x-mopac-vib',
+ 'asn' => 'chemical/x-ncbi-asn1-spec',
+ 'prt|ent' => 'chemical/x-ncbi-asn1-ascii',
+ 'val|aso' => 'chemical/x-ncbi-asn1-binary',
+ 'pdb|ent' => 'chemical/x-pdb',
+ 'ros' => 'chemical/x-rosdal',
+ 'sw' => 'chemical/x-swissprot',
+ 'vms' => 'chemical/x-vamas-iso14976',
+ 'vmd' => 'chemical/x-vmd',
+ 'xtel' => 'chemical/x-xtel',
+ 'xyz' => 'chemical/x-xyz',
+ 'gif' => 'image/gif',
+ 'ief' => 'image/ief',
+ 'jpeg|jpg|jpe' => 'image/jpeg',
+ 'pcx' => 'image/pcx',
+ 'png' => 'image/png',
+ 'svg|svgz' => 'image/svg+xml',
+ 'tiff|tif' => 'image/tiff',
+ 'djvu|djv' => 'image/vnd.djvu',
+ 'wbmp' => 'image/vnd.wap.wbmp',
+ 'ras' => 'image/x-cmu-raster',
+ 'cdr' => 'image/x-coreldraw',
+ 'pat' => 'image/x-coreldrawpattern',
+ 'cdt' => 'image/x-coreldrawtemplate',
+ 'ico' => 'image/x-icon',
+ 'art' => 'image/x-jg',
+ 'jng' => 'image/x-jng',
+ 'bmp' => 'image/x-ms-bmp',
+ 'psd' => 'image/x-photoshop',
+ 'pnm' => 'image/x-portable-anymap',
+ 'pbm' => 'image/x-portable-bitmap',
+ 'pgm' => 'image/x-portable-graymap',
+ 'ppm' => 'image/x-portable-pixmap',
+ 'rgb' => 'image/x-rgb',
+ 'xbm' => 'image/x-xbitmap',
+ 'xpm' => 'image/x-xpixmap',
+ 'xwd' => 'image/x-xwindowdump',
+ 'eml' => 'message/rfc822',
+ 'igs|iges' => 'model/iges',
+ 'msh|mesh|silo' => 'model/mesh',
+ 'wrl|vrml' => 'model/vrml',
+ 'ics|icz' => 'text/calendar',
+ 'css' => 'text/css',
+ 'csv' => 'text/csv',
+ '323' => 'text/h323',
+ 'html|htm|shtml' => 'text/html',
+ 'uls' => 'text/iuls',
+ 'mml' => 'text/mathml',
+ 'asc|txt|text|pot' => 'text/plain',
+ 'rtx' => 'text/richtext',
+ 'sct|wsc' => 'text/scriptlet',
+ 'tm|ts' => 'text/texmacs',
+ 'tsv' => 'text/tab-separated-values',
+ 'jad' => 'text/vnd.sun.j2me.app-descriptor',
+ 'wml' => 'text/vnd.wap.wml',
+ 'wmls' => 'text/vnd.wap.wmlscript',
+ 'bib' => 'text/x-bibtex',
+ 'boo' => 'text/x-boo',
+ 'h++|hpp|hxx|hh' => 'text/x-c++hdr',
+ 'c++|cpp|cxx|cc' => 'text/x-c++src',
+ 'h' => 'text/x-chdr',
+ 'htc' => 'text/x-component',
+ 'c' => 'text/x-csrc',
+ 'd' => 'text/x-dsrc',
+ 'diff|patch' => 'text/x-diff',
+ 'hs' => 'text/x-haskell',
+ 'java' => 'text/x-java',
+ 'lhs' => 'text/x-literate-haskell',
+ 'moc' => 'text/x-moc',
+ 'p|pas' => 'text/x-pascal',
+ 'gcd' => 'text/x-pcs-gcd',
+ 'pl|pm' => 'text/x-perl',
+ 'py' => 'text/x-python',
+ 'etx' => 'text/x-setext',
+ 'tcl|tk' => 'text/x-tcl',
+ 'tex|ltx|sty|cls' => 'text/x-tex',
+ 'vcs' => 'text/x-vcalendar',
+ 'vcf' => 'text/x-vcard',
+ '3gp' => 'video/3gpp',
+ 'dl' => 'video/dl',
+ 'dif|dv' => 'video/dv',
+ 'fli' => 'video/fli',
+ 'gl' => 'video/gl',
+ 'mpeg|mpg|mpe' => 'video/mpeg',
+ 'mp4' => 'video/mp4',
+ 'ogv' => 'video/ogg',
+ 'qt|mov' => 'video/quicktime',
+ 'mxu' => 'video/vnd.mpegurl',
+ 'lsf|lsx' => 'video/x-la-asf',
+ 'mng' => 'video/x-mng',
+ 'asf|asx' => 'video/x-ms-asf',
+ 'wm' => 'video/x-ms-wm',
+ 'wmv' => 'video/x-ms-wmv',
+ 'wmx' => 'video/x-ms-wmx',
+ 'wvx' => 'video/x-ms-wvx',
+ 'avi' => 'video/x-msvideo',
+ 'movie' => 'video/x-sgi-movie',
+ 'ice' => 'x-conference/x-cooltalk',
+ 'sisx' => 'x-epoc/x-sisx-app',
+ 'vrm|vrml|wrl' => 'x-world/x-vrml',
+ 'xps' => 'application/vnd.ms-xpsdocument',
+ ));
+ }
+ foreach ($mapping as $ext_preg => $mime_match) {
+ if (preg_match('!\.('. $ext_preg .')$!i', $filename)) {
+ return $mime_match;
+ }
+ }
+
+ return 'application/octet-stream';
+}
Modified: branches/drupal-5.0/includes/form.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/form.inc?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/includes/form.inc (original)
+++ branches/drupal-5.0/includes/form.inc Thu Aug 14 23:39:21 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: form.inc,v 1.174.2.13 2007/12/27 08:41:52 drumm Exp $
+// $Id: form.inc,v 1.174.2.14 2008/08/04 04:00:24 drumm Exp $
/**
* @defgroup form Form generation
@@ -530,10 +530,11 @@
/* Validate the current input */
if (!isset($elements['#validated']) || !$elements['#validated']) {
if (isset($elements['#needs_validation'])) {
- // An empty textfield returns '' so we use empty(). An empty checkbox
- // and a textfield could return '0' and empty('0') returns TRUE so we
- // need a special check for the '0' string.
- if ($elements['#required'] && empty($elements['#value']) && $elements['#value'] !== '0') {
+ // Make sure a value is passed when the field is required.
+ // A simple call to empty() will not cut it here as some fields, like
+ // checkboxes, can return a valid value of '0'. Instead, check the
+ // length if it's a string, and the item count if it's an array.
+ if ($elements['#required'] && (!count($elements['#value']) || (is_string($elements['#value']) && strlen(trim($elements['#value'])) == 0))) {
form_error($elements, t('!name field is required.', array('!name' => $elements['#title'])));
}
Modified: branches/drupal-5.0/includes/xmlrpc.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/xmlrpc.inc?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/includes/xmlrpc.inc (original)
+++ branches/drupal-5.0/includes/xmlrpc.inc Thu Aug 14 23:39:21 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: xmlrpc.inc,v 1.38.2.3 2008/06/07 00:38:35 drumm Exp $
+// $Id: xmlrpc.inc,v 1.38.2.4 2008/08/13 18:01:53 drumm Exp $
/*
Drupal XML-RPC library. Based on the IXR - The Incutio XML-RPC Library - (c) Incutio Ltd 2002-2005
@@ -387,7 +387,7 @@
$xmlrpc_date->hour = date('H', $time);
$xmlrpc_date->minute = date('i', $time);
$xmlrpc_date->second = date('s', $time);
- $xmlrpc_date->iso8601 = date('Ymd\TH:i:s');
+ $xmlrpc_date->iso8601 = date('Ymd\TH:i:s', $time);
}
else {
$time = str_replace(array('-', ':'), '', $time);
Modified: branches/drupal-5.0/misc/drupal.js
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/misc/drupal.js?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/misc/drupal.js (original)
+++ branches/drupal-5.0/misc/drupal.js Thu Aug 14 23:39:21 2008
@@ -1,4 +1,4 @@
-// $Id: drupal.js,v 1.29.2.1 2007/07/15 23:07:06 drumm Exp $
+// $Id: drupal.js,v 1.29.2.2 2008/08/13 18:12:23 drumm Exp $
var Drupal = Drupal || {};
@@ -202,5 +202,5 @@
// Global Killswitch on the <html> element
if (Drupal.jsEnabled) {
- document.documentElement.className = 'js';
+ $(document.documentElement).addClass('js');
}
Modified: branches/drupal-5.0/modules/aggregator/aggregator.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/aggregator/aggregator.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/aggregator/aggregator.info (original)
+++ branches/drupal-5.0/modules/aggregator/aggregator.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/block/block.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/block/block.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/block/block.info (original)
+++ branches/drupal-5.0/modules/block/block.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/blog/blog.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/blog/blog.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/blog/blog.info (original)
+++ branches/drupal-5.0/modules/blog/blog.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/blogapi/blogapi.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/blogapi/blogapi.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/blogapi/blogapi.info (original)
+++ branches/drupal-5.0/modules/blogapi/blogapi.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/blogapi/blogapi.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/blogapi/blogapi.module?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/blogapi/blogapi.module (original)
+++ branches/drupal-5.0/modules/blogapi/blogapi.module Thu Aug 14 23:39:21 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: blogapi.module,v 1.100.2.3 2008/05/26 07:52:40 drumm Exp $
+// $Id: blogapi.module,v 1.100.2.5 2008/08/13 23:59:09 drumm Exp $
/**
* @file
@@ -129,7 +129,7 @@
t('Retrieve information about the text formatting plugins supported by the server.')),
array(
'mt.publishPost',
- 'blogap_mti_publish_post',
+ 'blogapi_mt_publish_post',
array('boolean', 'string', 'string', 'string'),
t('Publish (rebuild) all of the static files related to an entry from your weblog. Equivalent to saving an entry in the system (but without the ping).')));
}
@@ -362,20 +362,63 @@
return blogapi_error($user);
}
+ $usersize = 0;
+ $uploadsize = 0;
+
+ $roles = array_intersect(user_roles(0, 'administer content with blog api'), $user->roles);
+
+ foreach ($roles as $rid => $name) {
+ $extensions .= ' '. strtolower(variable_get("blogapi_extensions_$rid", variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp')));
+ $usersize= max($usersize, variable_get("blogapi_usersize_$rid", variable_get('blogapi_usersize_default', 1)) * 1024 * 1024);
+ $uploadsize = max($uploadsize, variable_get("blogapi_uploadsize_$rid", variable_get('blogapi_uploadsize_default', 1)) * 1024 * 1024);
+ }
+
+ $filesize = strlen($file['bits']);
+
+ if ($filesize > $uploadsize) {
+ return blogapi_error(t('It is not possible to upload the file, because it exceeded the maximum filesize of @maxsize.', array('@maxsize' => format_size($uploadsize))));
+ }
+
+ if (_blogapi_space_used($user->uid) + $filesize > $usersize) {
+ return blogapi_error(t('The file can not be attached to this post, because the disk quota of @quota has been reached.', array('@quota' => format_size($usersize))));
+ }
+
+ // Only allow files with whitelisted extensions and convert remaining dots to
+ // underscores to prevent attacks via non-terminal executable extensions with
+ // files such as exploit.php.jpg.
+
+ $whitelist = array_unique(explode(' ', trim($extensions)));
+
$name = basename($file['name']);
+
+ if ($extension_position = strrpos($name, '.')) {
+ $filename = drupal_substr($name, 0, $extension_position);
+ $final_extension = drupal_substr($name, $extension_position + 1);
+
+ if (!in_array(strtolower($final_extension), $whitelist)) {
+ return blogapi_error(t('It is not possible to upload the file, because it is only possible to upload files with the following extensions: @extensions', array('@extensions' => implode(' ', $whitelist))));
+ }
+
+ $filename = str_replace('.', '_', $filename);
+ $filename .= '.'. $final_extension;
+ }
+
$data = $file['bits'];
if (!$data) {
return blogapi_error(t('No file sent.'));
}
- if (!$file = file_save_data($data, $name)) {
+ if (!$file = file_save_data($data, $filename)) {
return blogapi_error(t('Error storing file.'));
}
+
+ db_query("INSERT INTO {blogapi_files} (uid, filepath, filesize) VALUES (%d, '%s', %d)", $user->uid, $file, $filesize);
// Return the successful result.
return array('url' => file_create_url($file), 'struct');
}
+
/**
* Blogging API callback. Returns a list of the taxonomy terms that can be
* associated with a blog node.
@@ -474,7 +517,7 @@
/**
* Blogging API callback. Publishes the given node
*/
-function blogap_mti_publish_post($postid, $username, $password) {
+function blogapi_mt_publish_post($postid, $username, $password) {
$user = blogapi_validate_user($username, $password);
if (!$user->uid) {
return blogapi_error($user);
@@ -554,6 +597,82 @@
'#options' => $node_types,
'#description' => t('Select the content types for which you wish to enable posting via blogapi. Each type will appear as a different "blog" in the client application (if supported).')
);
+
+
+ $blogapi_extensions_default = variable_get('blogapi_extensions_default', 'jpg jpeg gif png txt doc xls pdf ppt pps odt ods odp');
+ $blogapi_uploadsize_default = variable_get('blogapi_uploadsize_default', 1);
+ $blogapi_usersize_default = variable_get('blogapi_usersize_default', 1);
+
+ $form['settings_general'] = array(
+ '#type' => 'fieldset',
+ '#title' => t('File settings'),
+ '#collapsible' => TRUE,
+ );
+
+ $form['settings_general']['blogapi_extensions_default'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Default permitted file extensions'),
+ '#default_value' => $blogapi_extensions_default,
+ '#maxlength' => 255,
+ '#description' => t('Default extensions that users can upload. Separate extensions with a space and do not include the leading dot.'),
+ );
+
+ $form['settings_general']['blogapi_uploadsize_default'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Default maximum file size per upload'),
+ '#default_value' => $blogapi_uploadsize_default,
+ '#size' => 5,
+ '#maxlength' => 5,
+ '#description' => t('The default maximum file size a user can upload.'),
+ '#field_suffix' => t('MB')
+ );
+
+ $form['settings_general']['blogapi_usersize_default'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Default total file size per user'),
+ '#default_value' => $blogapi_usersize_default,
+ '#size' => 5,
+ '#maxlength' => 5,
+ '#description' => t('The default maximum size of all files a user can have on the site.'),
+ '#field_suffix' => t('MB')
+ );
+
+ $form['settings_general']['upload_max_size'] = array('#value' => '<p>'. t('Your PHP settings limit the maximum file size per upload to %size.', array('%size' => format_size(file_upload_max_size()))).'</p>');
+
+ $roles = user_roles(0, 'administer content with blog api');
+ $form['roles'] = array('#type' => 'value', '#value' => $roles);
+
+ foreach ($roles as $rid => $role) {
+ $form['settings_role_'. $rid] = array(
+ '#type' => 'fieldset',
+ '#title' => t('Settings for @role', array('@role' => $role)),
+ '#collapsible' => TRUE,
+ '#collapsed' => TRUE,
+ );
+ $form['settings_role_'. $rid]['blogapi_extensions_'. $rid] = array(
+ '#type' => 'textfield',
+ '#title' => t('Permitted file extensions'),
+ '#default_value' => variable_get('blogapi_extensions_'. $rid, $blogapi_extensions_default),
+ '#maxlength' => 255,
+ '#description' => t('Extensions that users in this role can upload. Separate extensions with a space and do not include the leading dot.'),
+ );
+ $form['settings_role_'. $rid]['blogapi_uploadsize_'. $rid] = array(
+ '#type' => 'textfield',
+ '#title' => t('Maximum file size per upload'),
+ '#default_value' => variable_get('blogapi_uploadsize_'. $rid, $blogapi_uploadsize_default),
+ '#size' => 5,
+ '#maxlength' => 5,
+ '#description' => t('The maximum size of a file a user can upload (in megabytes).'),
+ );
+ $form['settings_role_'. $rid]['blogapi_usersize_'. $rid] = array(
+ '#type' => 'textfield',
+ '#title' => t('Total file size per user'),
+ '#default_value' => variable_get('blogapi_usersize_'. $rid, $blogapi_usersize_default),
+ '#size' => 5,
+ '#maxlength' => 5,
+ '#description' => t('The maximum size of all files a user can have on the site (in megabytes).'),
+ );
+ }
return system_settings_form($form);
}
@@ -720,3 +839,7 @@
return $types;
}
+
+function _blogapi_space_used($uid) {
+ return db_result(db_query('SELECT SUM(filesize) FROM {blogapi_files} f WHERE f.uid = %d', $uid));
+}
Modified: branches/drupal-5.0/modules/book/book.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/book/book.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/book/book.info (original)
+++ branches/drupal-5.0/modules/book/book.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/color/color.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/color/color.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/color/color.info (original)
+++ branches/drupal-5.0/modules/color/color.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/comment/comment.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/comment/comment.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/comment/comment.info (original)
+++ branches/drupal-5.0/modules/comment/comment.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/contact/contact.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/contact/contact.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/contact/contact.info (original)
+++ branches/drupal-5.0/modules/contact/contact.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/drupal/drupal.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/drupal/drupal.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/drupal/drupal.info (original)
+++ branches/drupal-5.0/modules/drupal/drupal.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/filter/filter.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/filter/filter.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/filter/filter.info (original)
+++ branches/drupal-5.0/modules/filter/filter.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/filter/filter.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/filter/filter.module?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/filter/filter.module (original)
+++ branches/drupal-5.0/modules/filter/filter.module Thu Aug 14 23:39:21 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: filter.module,v 1.160.2.7 2008/07/09 21:48:41 drumm Exp $
+// $Id: filter.module,v 1.160.2.9 2008/08/13 23:59:09 drumm Exp $
/**
* @file
@@ -1058,7 +1058,7 @@
'#title' => t('Allowed HTML tags'),
'#default_value' => variable_get("allowed_html_$format", '<a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>'),
'#size' => 64,
- '#maxlength' => 255,
+ '#maxlength' => 1024,
'#description' => t('If "Strip disallowed tags" is selected, optionally specify tags which should not be stripped. JavaScript event attributes are always stripped.'),
);
$form['filter_html']["filter_html_help_$format"] = array(
@@ -1295,7 +1295,7 @@
(
<(?=[^a-zA-Z!/]) # a lone <
| # or
- <[^>]*.(>|$) # a string that starts with a <, up until the > or the end of the string
+ <[^>]*(>|$) # a string that starts with a <, up until the > or the end of the string
| # or
> # just a >
)%x', '_filter_xss_split', $string);
Modified: branches/drupal-5.0/modules/forum/forum.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/forum/forum.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/forum/forum.info (original)
+++ branches/drupal-5.0/modules/forum/forum.info Thu Aug 14 23:39:21 2008
@@ -5,8 +5,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/help/help.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/help/help.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/help/help.info (original)
+++ branches/drupal-5.0/modules/help/help.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/legacy/legacy.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/legacy/legacy.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/legacy/legacy.info (original)
+++ branches/drupal-5.0/modules/legacy/legacy.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/locale/locale.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/locale/locale.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/locale/locale.info (original)
+++ branches/drupal-5.0/modules/locale/locale.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/menu/menu.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/menu/menu.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/menu/menu.info (original)
+++ branches/drupal-5.0/modules/menu/menu.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/node/node.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/node/node.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/node/node.info (original)
+++ branches/drupal-5.0/modules/node/node.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/path/path.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/path/path.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/path/path.info (original)
+++ branches/drupal-5.0/modules/path/path.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/ping/ping.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/ping/ping.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/ping/ping.info (original)
+++ branches/drupal-5.0/modules/ping/ping.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/poll/poll.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/poll/poll.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/poll/poll.info (original)
+++ branches/drupal-5.0/modules/poll/poll.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/profile/profile.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/profile/profile.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/profile/profile.info (original)
+++ branches/drupal-5.0/modules/profile/profile.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/search/search.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/search/search.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/search/search.info (original)
+++ branches/drupal-5.0/modules/search/search.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/statistics/statistics.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/statistics/statistics.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/statistics/statistics.info (original)
+++ branches/drupal-5.0/modules/statistics/statistics.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/system/system.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/system/system.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/system/system.info (original)
+++ branches/drupal-5.0/modules/system/system.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/system/system.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/system/system.module?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/system/system.module (original)
+++ branches/drupal-5.0/modules/system/system.module Thu Aug 14 23:39:21 2008
@@ -1,12 +1,12 @@
<?php
-// $Id: system.module,v 1.440.2.33 2008/07/23 19:52:50 drumm Exp $
+// $Id: system.module,v 1.440.2.35 2008/08/13 23:59:09 drumm Exp $
/**
* @file
* Configuration system that lets administrators modify the workings of the site.
*/
-define('VERSION', '5.9');
+define('VERSION', '5.10');
/**
* Implementation of hook_help().
Modified: branches/drupal-5.0/modules/taxonomy/taxonomy.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/taxonomy/taxonomy.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/taxonomy/taxonomy.info (original)
+++ branches/drupal-5.0/modules/taxonomy/taxonomy.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/throttle/throttle.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/throttle/throttle.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/throttle/throttle.info (original)
+++ branches/drupal-5.0/modules/throttle/throttle.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/tracker/tracker.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/tracker/tracker.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/tracker/tracker.info (original)
+++ branches/drupal-5.0/modules/tracker/tracker.info Thu Aug 14 23:39:21 2008
@@ -5,8 +5,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/upload/upload.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/upload/upload.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/upload/upload.info (original)
+++ branches/drupal-5.0/modules/upload/upload.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/user/user.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/user/user.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/user/user.info (original)
+++ branches/drupal-5.0/modules/user/user.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/modules/user/user.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/user/user.module?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/user/user.module (original)
+++ branches/drupal-5.0/modules/user/user.module Thu Aug 14 23:39:21 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: user.module,v 1.745.2.31 2008/07/16 19:46:02 drumm Exp $
+// $Id: user.module,v 1.745.2.32 2008/08/13 23:59:09 drumm Exp $
/**
* @file
@@ -1658,21 +1658,10 @@
* Menu callback: add an access rule
*/
function user_admin_access_add($mask = NULL, $type = NULL) {
- if ($edit = $_POST) {
- if (!$edit['mask']) {
- form_set_error('mask', t('You must enter a mask.'));
- }
- else {
- $aid = db_next_id('{access}_aid');
- db_query("INSERT INTO {access} (aid, mask, type, status) VALUES ('%s', '%s', '%s', %d)", $aid, $edit['mask'], $edit['type'], $edit['status']);
- drupal_set_message(t('The access rule has been added.'));
- drupal_goto('admin/user/rules');
- }
- }
- else {
- $edit['mask'] = $mask;
- $edit['type'] = $type;
- }
+ $edit = array();
+ $edit['aid'] = 0;
+ $edit['mask'] = $mask;
+ $edit['type'] = $type;
return drupal_get_form('user_admin_access_add_form', $edit, t('Add rule'));
}
@@ -1704,23 +1693,16 @@
* Menu callback: edit an access rule
*/
function user_admin_access_edit($aid = 0) {
- if ($edit = $_POST) {
- if (!$edit['mask']) {
- form_set_error('mask', t('You must enter a mask.'));
- }
- else {
- db_query("UPDATE {access} SET mask = '%s', type = '%s', status = '%s' WHERE aid = %d", $edit['mask'], $edit['type'], $edit['status'], $aid);
- drupal_set_message(t('The access rule has been saved.'));
- drupal_goto('admin/user/rules');
- }
- }
- else {
- $edit = db_fetch_array(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid));
- }
+ $edit = db_fetch_array(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid));
return drupal_get_form('user_admin_access_edit_form', $edit, t('Save rule'));
}
function user_admin_access_form($edit, $submit) {
+ $form = array();
+ $form['aid'] = array(
+ '#type' => 'value',
+ '#value' => $edit['aid'],
+ );
$form['status'] = array(
'#type' => 'radios',
'#title' => t('Access type'),
@@ -1744,8 +1726,24 @@
'#required' => TRUE,
);
$form['submit'] = array('#type' => 'submit', '#value' => $submit);
+ $form['#base'] = 'user_admin_access_form';
return $form;
+}
+
+/**
+ * Submit callback for user_admin_access_form().
+ */
+function user_admin_access_form_submit($form_id, $form_values) {
+ if ($form_values['aid']) {
+ db_query("UPDATE {access} SET mask = '%s', type = '%s', status = '%s' WHERE aid = %d", $form_values['mask'], $form_values['type'], $form_values['status'], $form_values['aid']);
+ drupal_set_message(t('The access rule has been saved.'));
+ }
+ else {
+ db_query("INSERT INTO {access} (mask, type, status) VALUES ('%s', '%s', %d)", $form_values['mask'], $form_values['type'], $form_values['status']);
+ drupal_set_message(t('The access rule has been added.'));
+ }
+ return 'admin/user/rules';
}
/**
Modified: branches/drupal-5.0/modules/watchdog/watchdog.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/watchdog/watchdog.info?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/modules/watchdog/watchdog.info (original)
+++ branches/drupal-5.0/modules/watchdog/watchdog.info Thu Aug 14 23:39:21 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-23
-version = "5.9"
+; Information added by drupal.org packaging script on 2008-08-14
+version = "5.10"
project = "drupal"
-datestamp = "1216843213"
+datestamp = "1218672307"
Modified: branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine?rev=1921&op=diff
==============================================================================
--- branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine (original)
+++ branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine Thu Aug 14 23:39:21 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: phptemplate.engine,v 1.54.2.3 2008/07/16 18:37:18 drumm Exp $
+// $Id: phptemplate.engine,v 1.54.2.4 2008/08/13 18:47:17 drumm Exp $
/**
* @file
@@ -168,27 +168,30 @@
$layout = 'none';
if ($show_blocks) {
global $sidebar_indicator;
- /**
- * Sidebar_indicator tells the block counting code to count sidebars separately.
- */
// Load blocks early for adding header info
foreach ($regions as $region) {
+ // Sidebar_indicator tells the block counting code
+ // to count sidebars separately.
+ if ($region == 'left' || $region == 'right') {
+ $sidebar_indicator = $region;
+ }
+ else {
+ $sidebar_indicator = NULL;
+ }
$variables['regions'][$region] = theme('blocks', $region);
}
-
- $sidebar_indicator = 'left';
+ $sidebar_indicator = NULL;
+
$sidebar_left = $variables['regions']['left'];
if ($sidebar_left != '') {
$layout = 'left';
}
- $sidebar_indicator = 'right';
$sidebar_right = $variables['regions']['right'];
if ($sidebar_right != '') {
$layout = ($layout == 'left') ? 'both' : 'right';
}
- $sidebar_indicator = NULL;
}
else {
// Add empty strings as default
More information about the Pkg-drupal-commits
mailing list